March 2026
Visa Protect eBook

How Visa Helps Businesses Stay Ahead of Payment Fraud

As customers expect every payment to go through instantly and safely, fraud is getting increasingly harder to spot. Four experts at Visa discussed why stronger fraud defense now depend less on blunt rules and more on context, precision and earlier detection across the full payments journey.

Get Unlimited Access
Complete the form below for free, unlimited access to all our Data Studies, Trackers, and PYMNTS Intelligence reports.

Thank you for registering. Please confirm your email to view all our Trackers.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    Payments are supposed to feel easy: tap, click, approve, move on. But behind that simplicity, keeping payments safe has become far more complex. Fraud is no longer limited to stolen card numbers or isolated fraudsters testing a few transactions. It now stretches across scams, cyberattacks, fake identities, account takeovers and check fraud. Artificial intelligence powers much of it, moving at speeds that leave businesses little time to respond. At the same time, consumers and businesses still expect every payment to be fast, smooth and secure.

    That creates a difficult balancing act for issuers, merchants and payment providers. They need to catch bad activity without stopping good customers from completing legitimate transactions. They need to protect trust without creating friction. And they need to do it across a payment ecosystem where threats begin long before a consumer or business ever authorizes a transaction. Visa Protect’s suite of risk and security solutions is built for that environment. Throughout the payment journey, it helps businesses detect suspicious behavior, prevent fraud and scams and deliver seamless payment experiences to customers, keeping commerce moving.

    Visa Protect is built for that environment. Throughout the payment journey, it helps businesses detect suspicious behavior, strengthen fraud defenses, support better decision-making and protect legitimate transactions that keep commerce moving.

    About the Interview Series

    In a series of interviews with PYMNTS, Visa executives described how the fight against fraud is evolving and what businesses need to do next. Their conversations covered everything from the rise of scams and the persistence of check fraud to the growing overlap between cybersecurity and payments risk, as well as how better modeling can help institutions distinguish real fraud from normal customer behavior.

    Across all four discussions, one message came through clearly. Stopping fraud today is not about applying more blunt rules. It’s about seeing risk earlier, understanding context more clearly and combining AI, data and human judgment in ways that protect trust as much as they protect transactions.

    Three Key Themes

    • Today’s threats do not neatly fit into a single payment type or a single point in the journey. They can start with a cyber event, a scam, a stolen check, a compromised account or a digital wallet provisioning attempt, then spread quickly across channels.
    • Stopping fraud is important, but so is allowing legitimate commerce to proceed. Overly broad controls create false declines, friction and lost trust. The best fraud defenses are precise enough to detect anomalies without blocking good customers.
    • AI is now essential in fraud prevention, but AI alone is not enough. Better outcomes come from combining advanced models with shared intelligence, behavioral context and experienced teams that can interpret what the signals mean.

    Fraud Needs Context, Not Just More Data

    John Munn, senior vice president and head of predictive fraud intelligence at Visa, framed fraud in a way that goes beyond the usual conversation. To a data scientist, he explained, fraud isn’t always obvious in the moment. It often appears as a subtle deviation in behavior, something that’s only visible when viewing transactions as part of a larger, living system rather than as isolated events. That shift in perspective matters more now because criminals are using AI to move faster, probe defenses at scale and exploit rigid controls.

    “I think that’s always going to be the story with fraud,” Munn said. “It’s such a big and booming criminal business.”

    One of Munn’s most important points was that fraud teams cannot define success only by how much bad activity they stop. Broad controls may shut down suspicious traffic, but they also block legitimate transactions and create false declines that frustrate consumers and hurt both financial institutions and merchants. That’s why he described the real challenge as one of misclassification. If a system mistakes normal customer behavior for fraud, it creates noise, weakens the signal and can make it harder to spot the real threat. In that sense, smarter fraud defense is not just about catching more bad actors. It’s about knowing when not to intervene.

    Munn also pushed the conversation upstream, stating that fraud doesn’t begin at authorization. Risk can emerge during account login, token provisioning, credential testing and other points that come earlier in the customer journey. That means effective prevention has to begin before the payment itself. Newer deep learning models improve that process by identifying subtle behavioral changes across longer data histories with greater precision. According to Munn, Visa’s deep learning models deliver authorization rates that are 15% to 20% higher than previous generations. The goal isn’t just fewer losses. It’s more confidence in approving good commerce.

    Check Fraud Shows How Old Risks Become New Again

    Michele Herron, senior vice president and head of North America value-added services at Visa, focused on a payment method many assume belongs to the past but still creates very real problems in the present: checks. Even in a market full of digital wallets and instant payments, many Americans are still depositing checks. That persistence matters because checks remain unusually vulnerable to fraud.

    PYMNTS Intelligence data cited in the interview found that checks accounted for 30% of U.S. fraud losses in 2024. They’re also 31 times more likely to be fraudulent than real-time transactions.

    “Americans deposit more than 11 billion checks per year,” Herron said. “They are not the best, most efficient or safest way to be paid.”

    Herron described a fraud landscape that mixes old tactics with new tools. Criminals still counterfeit, forge and steal checks, but AI is making those efforts easier to scale and harder to detect. She pointed to the growing ability of AI to mimic handwriting, signatures and physical details with remarkable accuracy. That creates fresh urgency around detection. Visa, she said, is using AI-driven image forensics to detect inconsistencies such as bleach stains and other evidence that a check has been altered. But image review is only part of the story.

    Herron emphasized behavioral analytics as a critical second layer. Rather than looking at a single check or transaction in isolation, systems can build a profile of a given consumer’s normal behavior and spot activity that falls outside that pattern. That is especially important because check fraud often spills into other rails. A bad check can mule account activity and other forms of cross-channel fraud, as well as trigger electronic reimbursements before the original item fails to clear.

    In other words, the problem is bigger than paper. It’s a broader payments risk signal. Herron’s interview made clear that legacy payment methods can still create modern vulnerabilities, and that protecting against this requires both forensic tools and a wider, connected view of fraud.

    Winning the Fraud Fight Starts Upstream with Cybersecurity

    Jeremiah Dewey, head of cyber solutions at Visa, argued that businesses can no longer treat cybersecurity as a back-office technical function. In his view, that thinking is outdated and dangerous. As attacks scale, ecosystems become more interconnected, and trust becomes harder to win. Cybersecurity is increasingly tied directly to business performance.

    “It is a core business function,” Dewey said. “I find it hard to think of any business today that isn’t at its core a technology business.”

    That point is especially relevant in payments, where a cyber weakness upstream can quickly become a fraud problem downstream. According to Dewey, “the vast majority of fraud begins with a cyberattack,” linking security failures to false declines, customer attrition, reputational damage and financial losses. He described a threat environment that no longer revolves around brute-force attacks. Instead, criminals exploit misconfigured APIs, stolen credentials, third-party vulnerabilities and identities that now extend beyond people to devices and even AI agents. In that environment, a company that only protects its own perimeter is leaving part of its risk posture in the hands of others.

    Dewey argued that the stronger approach is to build security early, treat it as part of the product experience and use ecosystem-wide intelligence to spot patterns quickly. He stated that Visa’s position within a global network gives it a wide view of activity that individual institutions cannot replicate on their own. That intelligence can help clients not just respond to fraud but prevent it earlier.

    He also described AI as an important equalizer, allowing smaller issuers, merchants and FinTechs to access stronger defensive capabilities. Still, he was clear that AI alone is not enough.

    “The human element still comes into play when you have to make judgment calls,” Dewey said. In his telling, the goal of cybersecurity isn’t simply defense. It’s enabling trust, resilience and growth in digital commerce.

    Fraud Scams Demand Speed, Judgment and Shared Intelligence

    Aman Cheema, vice president of global professional services and networks at Visa, focused on one of the hardest problems in fraud today: scams. Unlike classic fraud, scams often rely on social engineering rather than stolen credentials. The victim authorizes the payment, believing it’s legitimate. That makes detection much harder, especially when the money moves quickly across faster payment rails.

    “The payment method of choice being used is typically a faster payment rail,” Cheema said, warning that once funds are sent, recovery can be extremely difficult.

    Cheema’s broader point was that the industry has entered a new phase in which AI is necessary but no longer a point of differentiation in itself. Financial institutions, merchants and fraudsters all have access to increasingly powerful tools. That means the edge comes from how they use those tools. Scams exploit speed, but they also exploit people. Criminals can now use generative AI to gather personal information, imitate trusted contacts and create highly convincing messages that persuade victims to act against their own interests. Because the payment is authorized, the transaction can look normal to a system that lacks context.

    That’s why Cheema stressed the importance of adaptive behavioral analytics. By modeling how customers usually transact, institutions can begin to see when activity falls outside the norm. But even then, more data isn’t automatically better.

    “There’s a lot of data out there,” he said. “There’s also a lot of noise.” What matters is finding the signals that deserve attention and acting on them fast. Cheema argued that this is where human expertise still provides the decisive advantage. Skilled risk experts can connect patterns across merchant categories, customer profiles and geographies before an automated system fully catches up.

    Shared intelligence across the ecosystem can then help institutions respond more quickly and protect others from the same attack pattern. His summary of the strongest model was simple and useful. Fraud prevention now works best when it combines humans, applications and data, each strengthened by AI.

    About

    Visa (NYSE: V) is a world leader in digital payments, facilitating transactions between consumers, sellers, financial institutions and government entities across more than 200 countries and territories. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive. We believe that economies that include everyone everywhere, uplift everyone everywhere and see access as foundational to the future of money movement. Learn more at Visa.com.

    PYMNTS INTELLIGENCE

    PYMNTS Intelligence is a leading global data and analytics platform that uses proprietary data and methods to provide actionable insights on what’s now and what’s next in payments, commerce and the digital economy. Its team of data scientists includes leading economists, econometricians, survey experts, financial analysts and marketing scientists with deep experience in the application of data to the issues that define the future of the digital transformation of the global economy. This multi-lingual team has conducted original data collection and analysis in more than three dozen global markets for some of the world’s leading publicly traded and privately held firms.

    We are interested in your feedback on this report. If you have questions or comments, or if you would like to subscribe to this report, please email us at feedback@pymnts.com.

    Disclaimer

    The How Visa Helps Businesses Stay Ahead of Payment Fraud eBook may be updated periodically. While reasonable efforts are made to keep the content accurate and up to date, PYMNTS MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, REGARDING THE CORRECTNESS, ACCURACY, COMPLETENESS, ADEQUACY, OR RELIABILITY OF OR THE USE OF OR RESULTS THAT MAY BE GENERATED FROM THE USE OF THE INFORMATION OR THAT THE CONTENT WILL SATISFY YOUR REQUIREMENTS OR EXPECTATIONS. THE CONTENT IS PROVIDED “AS IS” AND ON AN “AS AVAILABLE” BASIS. YOU EXPRESSLY AGREE THAT YOUR USE OF THE CONTENT IS AT YOUR SOLE RISK. PYMNTS SHALL HAVE NO LIABILITY FOR ANY INTERRUPTIONS IN THE CONTENT THAT IS PROVIDED AND DISCLAIMS ALL WARRANTIES WITH REGARD TO THE CONTENT, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT AND TITLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES, AND, IN SUCH CASES, THE STATED EXCLUSIONS DO NOT APPLY. PYMNTS RESERVES THE RIGHT AND SHOULD NOT BE LIABLE SHOULD IT EXERCISE ITS RIGHT TO MODIFY, INTERRUPT, OR DISCONTINUE THE AVAILABILITY OF THE CONTENT OR ANY COMPONENT OF IT WITH OR WITHOUT NOTICE.
    PYMNTS SHALL NOT BE LIABLE FOR ANY DAMAGES WHATSOEVER, AND, IN PARTICULAR, SHALL NOT BE LIABLE FOR ANY SPECIAL, INDIRECT, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, OR DAMAGES FOR LOST PROFITS, LOSS OF REVENUE, OR LOSS OF USE, ARISING OUT OF OR RELATED TO THE CONTENT, WHETHER SUCH DAMAGES ARISE IN CONTRACT, NEGLIGENCE, TORT, UNDER STATUTE, IN EQUITY, AT LAW, OR OTHERWISE, EVEN IF PYMNTS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    SOME JURISDICTIONS DO NOT ALLOW FOR THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, AND IN SUCH CASES, SOME OF THE ABOVE LIMITATIONS DO NOT APPLY. THE ABOVE DISCLAIMERS AND LIMITATIONS ARE PROVIDED BY PYMNTS AND ITS PARENTS, AFFILIATED AND RELATED COMPANIES, CONTRACTORS, SPONSORS AND EACH OF ITS RESPECTIVE DIRECTORS, OFFICERS, MEMBERS, EMPLOYEES, AGENTS, CONTENT COMPONENT PROVIDERS, LICENSORS AND ADVISERS.
    Components of the content original to and the compilation produced by PYMNTS is the property of PYMNTS and cannot be reproduced without its prior written permission.